This service addresses the ongoing internal and external vulnerability scanning, pen testing, and wireless testing requirements of PCI along with completion of questionnaires and attestations. Illumant determines the applicable PCI-DSS requirements for each client based on transaction volume, credit card handling processes, and partner relationships. We prepare the relevant self-assessment questionnaire (SAQ) and any applicable attestations of compliance (AOCs). We address approved scanning vendor (ASV) requirements, and conduct all internal vulnerability assessments, penetration testing, and quarterly wireless security assessments. Internal assessments are handled remotely via supplied appliance. The PCI-C helps protect cardholder data, and simplifies on-going compliance with all the requirements of PCI. We can also assist with updates to and initial development of security and PCI-related policies and procedures.
SAQ AOC ASV vulnerability assessment wireless secutiry assessment penetration testing
credit card data cardholder data enviroment CDE perimeter internal servers routers firewalls VLANs workstations wireless rogue access points payment gateway virtual terminal point-of-sale POS